GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
289 advisories
Moderate severity vulnerability that affects Zope2
Moderate: CVE-2010-1104 was published for Zope2 (pip), Jul 23, 2018

Cross-Site Scripting in Wagtail
Moderate: CVE-2020-15118 was published for wagtail (pip), Jul 20, 2020

Cross-site Scripting and Open Redirect in Products.CMFPlone
Moderate: GHSA-8w54-22w9-3g8f was published for Products.CMFPlone (pip), Jan 28, 2022

Cross-site Scripting and Open Redirect in plone.app.contenttypes
Moderate: GHSA-f7qw-5fgj-247x was published for plone.app.contenttypes (pip), Feb 1, 2022

SVG with embedded scripts can lead to cross-site scripting attacks in xml2rfc
Moderate: GHSA-cf4q-4cqr-7g7w was published for xml2rfc (pip), Apr 22, 2022

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in pycares
Moderate: GHSA-c58j-88f5-h53f was published for pycares (pip), Jul 5, 2022

Apache Superset is vulnerable to Cross-Site Scripting (XSS)
Moderate: CVE-2022-43718 was published for apache-superset (pip), Jan 16, 2023

Apache Superset vulnerable to Cross-site Scripting
Moderate: CVE-2022-43717 was published for apache-superset (pip), Jan 16, 2023

Cross-site Scripting in FreeTAKServer-UI
Moderate: CVE-2022-25507 was published for FreeTAKServer-UI (pip), Mar 12, 2022

Multiple cross-site scripting (XSS) vulnerabilities in Roundup
Moderate: CVE-2012-6133 was published for roundup (pip), Apr 23, 2022

Twisted vulnerable to NameVirtualHost Host header injection
Moderate: CVE-2022-39348 was published for twisted (pip), Oct 26, 2022

Pallets Werkzeug cross-site scripting vulnerability
Moderate: CVE-2016-10516 was published for Werkzeug (pip), May 14, 2022

Cross-site scripting in Contentful
Moderate: CVE-2020-13258 was published for contentful (pip), Jun 18, 2021

Cross-site Scripting in wagtail
Moderate: CVE-2021-32681 was published for wagtail (pip), Jun 17, 2021

Cross-site Scripting in django-wiki
Moderate: CVE-2021-25986 was published for wiki (pip), Dec 2, 2021

Inventree vulnerable to Stored Cross-site Scripting
Moderate: CVE-2022-3355 was published for inventree (pip), Sep 30, 2022

Graphite Web Cross-site Scripting vulnerability
Moderate: CVE-2022-4728 was published for graphite-web (pip), Dec 27, 2022

Graphite Web Cross-site Scripting vulnerability
Moderate: CVE-2022-4729 was published for graphite-web (pip), Dec 27, 2022

Graphite Web Cross-site Scripting vulnerability
Moderate: CVE-2022-4730 was published for graphite-web (pip), Dec 27, 2022

Cross-site Scripting in Ericsson CodeChecker
Moderate: CVE-2021-44217 was published for codechecker (pip), Jan 21, 2022

Cross-site Scripting in kiwitcms
Moderate: CVE-2022-4105 was published for kiwitcms (pip), Nov 21, 2022

Cross-site Scripting in Weblate
Moderate: CVE-2022-24710 was published for Weblate (pip), Feb 25, 2022

Cross-site Scripting in pyload-ng
Moderate: CVE-2023-0488 was published for pyload-ng (pip), Jan 27, 2023

OpenStack Swift Cross-site Scripting vulnerability
Moderate: CVE-2014-3497 was published for swift (pip), May 17, 2022

OpenStack Dashboard (aka Horizon) vulnerable to Cross-site Scripting
Moderate: CVE-2014-0157 was published for horizon (pip), May 14, 2022
ProTip! Advisories are also available from the GraphQL API.